The many InfraGard website representing different states, regions of the country, and sectors of the economy are presented as if public disclosure were one of the organization’s virtues. Therefore it prominently lists its membership as “23,682 members, including FBI”.

However, without a background check and a password don’t expect to be anymore privy and have any more access to the warnings and information sharing between the US government (the FBI, FEMA, and Homeland Security, among many others) and this group of “special citizens” than you will have to the special access chatter about “pro-police” and “anti-police” businesses on the Spokane Police Guild website. Just how special these “special citizens” are, what access they have, and whether or not they have been given “shoot to kill” authority by the U.S. government, is not all entirely clear. Yet.

And all of this raises many other questions such as the connection between programs such as InfraGard and such programs such as state level “fusion centers“. It is this entire matter of “private-public collaboration” in surveillance and the growing national security apparatus in the U.S. which is raised by Matthew Rothschild in his article and his interview with Amy Goodman. As he states in his interview with Goodman, “it is another piece of our bill of rights going down the tubes, another aspect of repression that the Bush Administration has built up…it is really frightening what is happening to our democracy here”. And it is another piece of in the increasing extra-constitutional privatization of U.S. military, intelligence, policing, and prisons.

The InfraGard website states in its most simplistic description of the organization:

InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector. InfraGard is an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

So where to start? If we take the FBI’s word on it, we are talking about an average of about 473 InfraGard members per state. Of course territories — such as Puerto Rico — are no doubt included but let’s go with 23,682 members in 50 states.

A good example of a state InfraGard chapter is the Connecticut chapter, a registered 501(c)3 763 members representing 485 organizations.

So who are likely members in the state of Washington?

Obviously FBI personnel themselves, though not all are specifically assigned. In terms of FBI agents in the state of Washington, FBI guardian angel, U.S. senator Patty Murray recently stated that Washington state has only 133 FBI agents assigned here. She apparently bought the argument of police chiefs in the state (most of whom have intimate relationships with the FBI) as well as the tale by former FBI agent, now Safeway loss prevention officer, that:

…. grocery stores along the Interstate 5 corridor in Washington state have been targeted by organized thieves, many of whom are undocumented immigrants driving cars with California plates. Typically, the items stolen wind up in the Vancouver, Wash., and Portland areas, and they eventually are repackaged and reintroduced into the supply line.

The portrayal of Infragard as “a secret organization” is clearly correct. First of all, without a U.S. government security clearance, you will not be accepted for membership. The many InfraGard sub-organizations, whether they represent states, industries or regional membership, all provide limited access membership areas on the internet.

However, the fact that Infragard is secret does not mean that a half hour on the internet will not turn up a good bit of information about it. The CIA and the NSA are also secret organization and a lot is know about them. We just don’t know exactly which prisoners are being sodomized at Guantanamo or by precisely which branch of the U.S. government. Likewise we do not know the exact extent of Soviet-era spying on U.S. citizens by neighbors, coworkers, and employers by InfraGard and its member network.

Let’s start with the likely e-mail address for Spokane’s Infragard FBI agent — infragard.spokane@fbi.gov This comes from extrapolating from other Infragard FBI email’s such as that of the Atlanta office.

And who would be my guess of the primary Spokane InfraGard FBI contact?Andy Castor. And then there is Erin Klunder from the FBI’s Seattle office and listed in 2007 as “Infragard Coordinator” (whatever the hell that is) for Washington state’s Evergreen Chapter of InfraGard.

Greg Chartrand, a counterintelligence officer at Pacific Northwest National Laboratory, has been elected Vice President of InfraGard’s Evergreen Chapter in Washington State. InfraGard is a partnership between the FBI and the private sector that was established to share information and intelligence regarding critical infrastructures. Chartrand specializes in information sciences and special technologies. He is the first PNNL employee to serve in the role of vice president of InfraGard’s Evergreen chapter. (announced 4/1/2006)

Now guess, who is the Infragard Evergreen Chapter President?

From the Washington state InfraGard website at http://www.infragard-wa.org/ here is a list of the 2007 Board of Directors of the Evergreen Chapter:

So who is Todd Plesco? Todd it turns out is not only Compliance Security Officer for King County Public Health, one of the largest health departments in the U.S, where access to medical records is part of his job, an access that is probably pretty useful to the FBI as part of Todd’s role as an Infragard secret agent man. Not always looking happy, Todd has a resume that probably is not too different from a lot of the techie’s involved in Infragard — military experience, lots of information security background, and training at Homeland Security’s Federal Law Enforcement Training Center (FLETC) in Glencoe, Georgia. From Todd’s personal blog (Todd Plesco’s Desert Storm Gallery), here is a trophy photo from his days in the U.S. Marine Corps during Gulf War 1. Todd describes the shot by writing, “Since the Middle East forbade alcohol, we found it a task to obtain one frosty cold beer. Here I am, having a celebratory beer on news that Pres Bush has determined “mission accomplished”. My guess it that it was not much of a task to find that cold one, in reality, was it Todd? Nor to find that medical record that the FBI asked you for on a King County resident of interest for their involvement in protesting phase two of the Bush families wars in Iraq and the Gulf.

InfraGard provides us a look at social networking in the age of the surveillance society and the recruitment of a domestic intelligence organization. Thus it is no surprise that Todd Plesco participates in every on line social networking circle imaginable from FaceBook to PeekYou to MeetUp to Friendster and in most all of them makes reference, even in Friendster, to his InfraGard affiliation.

Closer to home, who are two prominent Spokane participant in InfraGard? Nolan Garrett and Jeff Jones, co-founders of Intrinium Security in the Spokane Valley (see bios at crosstechmedia.com) As their company website shows, Garrett and Jones are InfraGard recruiters. From the Intrinium website, you can go directly to the InfraGard website and watch a video of FBI director Robert Mueller extolling the virtues of paranoia and domestic spying/surveillance (remember it was on Mueller’s incompetent watch that this country lost the Twin Towers.

The cachet of Infragard membership is such that some members use it as a tag added to their names when they sign blog entries.

And don’t worry, if you are looking for membership in this “club” and have the following documents, your application will be expedited:

InfraGard Qualified Substitutes for Records Check

The following United States Government-issued Security Clearances are Qualified Substitutes for the records check required for InfraGard Membership:

Confidential

Secret

Top Secret

An InfraGard Applicant/Member may submit evidence of their possession of one of the above clearances to expedite the initial processing and periodic renewal of their InfraGard Membership.

And please remember: All applications should be typed and placed in a sealed envelope.

What sort of people are members of Infragard? Well, given that it started out in 1996 under the pretext of “guarding the infrastructure” of the cybernetic world, many members were and are computer techs, ITs, techie-types.

In the case of Mr. Chartrand, mentioned above for his role as Vice President of InfraGard’s Evergreen Chapter in Washington State, he is a counterintelligence officer at Pacific Northwest National Laboratory. This despite serious intel shortcomings at the labs.

Intel Shortcomings at Two Labs: IG. An inspector general inquiry at the Lawrence Livermore and Pacific Northwest national laboratories has found that while federal and contractor employees were generally in compliance with Energy Department policies and procedures for intelligence activities, only four of 29 intelligence and counterintelligence analysts at the labs interviewed could define a “U.S. person.” In a new report, the IG said it also found that the labs’ reviews to assess adherence to guidelines on retention of information on U.S. persons were incomplete and that none of the 29 analysts interviewed could correctly describe the process for reporting conduct that would violate a 1981 executive order aimed at ensuring the effectiveness of intelligence and counterintelligence activities. In conducting the review, the IG interviewed DOE and National Nuclear Security Administration officials at the Richland (Wash.) Operations and the Livermore (Calif.) Site offices, and contractor officials at LLNL and PNNL. To remedy the problems, the IG recommended that DOE and NNSA ensure employees receive training familiarizing them with the Executive Order and DOE Procedures for Intelligence Activities. The directors of the DOE and NNSA intelligence officers agreed with the recommendations, and told the IG in an Aug. 6 letter they would “will make a renewed effort to ensure” all pertinent employees “achieve the requisite familiarity” with the department’s procedures and the executive order. The report is available at http://www.ig.doe.gov.

And of course, as one would expect, a major government project to infiltrate civic society will produce many offspring. Take this for example, Agrigard.

What is Agrigard? According to the InfraGard website, The food and agriculture section of the program, dubbed AgriGard, is where farmers and other rural residents have a role to play. Food and agriculture was designated a special interest group because it’s physically impossible for local law enforcement or any government agency to secure every head of livestock, field and tanker truck across the nation.

Members of AgriGard use a secure Internet portal to provide the FBI “on-the-ground” information about their local communities that may be helpful in preventing terrorism and other crimes. They are able to access current information about local threats, advisories, alerts and warnings, many of which are not available to the public. Members also may share information with each other and the FBI through the secure portal, in addition to learning about ongoing research on critical infrastructure protection.

And as Infragard and its FBI bosses indicate repeatedly, “You may not be an FBI agent, but you can do your part to protect America by joining today.” They appeal to the “secret agent man” and Soviet bloc neighborhood informant in every American, for example stating,

The proliferation in recent years of popular television programs and movies featuring FBI agents might lead one to believe entry into that profession is open to virtually anyone with a yearning for adventure and a belief in the agency’s motto – “Fidelity, Bravery, and Integrity.” The truth, however, is that rigorous academic, fitness and security standards preclude most Americans from ever becoming FBI agents. But farmers, ranchers and other rural residents do have a unique opportunity to help the FBI protect America’s food supply, through membership in local chapters of the FBI’s InfraGard program.

Infragard members now have their own website and “alliance” at http://www.infragardmembers.org/ and their own Infragard National Members Alliance Quarterly Newsletter, subscription to which is of course reserved for your neighbors, friends, coworkers and employers who have passed an FBI background check.

Or perhaps you want to become a Weapons of Mass Destruction First Responder . (As an example of the fact that anyone in our communities might be part of this secret FBI organized organization, the author of this first responer article is Freeman Mendell, Infragard National Members Alliance Board of Directors member and an Audit Manager for the Galveston County Auditor’s Office in Galveston County, Texas. The language used in the documents and websites of and related to Infragard is troubling to some and has been from the start, especially the use of the term “homeland”. From the 2007 National Strategy for Homeland Security comes this:

As we sustain the evolution underway in these areas, success in securing the Homeland
requires that we prioritize the continued transformation of our law enforcement and military
instruments of national power.

What type of weapons might the U.S. government arm members of Infragard with? One example from this network news video is this LED Incapacitator, a new weapon for which U.S. Homeland Security paid almost $1 million dollars. It is expected to be put in the hands of local and state police forces, the US Coast Guard, Secret Service, Border Patrol and U.S. Air Marshalls. The film footage in the video link had to be modified by KOVR CBS Channel 13 in Sacramento, California to prevent it from causing TV viewers to become dizzy. The video photo starts with protesters being attacked by police, suggesting that this is the type of scenario in which the weapon would be used.

So at what type of meeting might there be a prominent presence of InfraGard? The Secure World Expo for one. Without much more brains than the FBI team tracking Osama Bin Laden, one can conclude that all the sponsor organizations listed down the left side of that web page are deeply InfraGard involved. And they are only the tip of the iceberg. Of course the model is to integrate all government and corporate entities in this neo-fascist, national security state project.

Too many companies separate different security disciplines into different departments. This espionage case study, demonstrates that you need holistic protection to truly protect your information.

The Attack
An accomplice and I tested this organization’s susceptibility to social engineering. Getting started, we reconnoitered the main entrance to our client’s building and found that the reception/security desk, staffed by a single female receptionist, was in the middle of a very large lobby. The next day, we walked into the building during the morning rush pretending to be on cell phones. We stayed at least 15 feet from the woman at the security desk and simply ignored her as we walked by.

Once inside the facility, we found a conference room, setup shop and sat down to plan the rest of the day, deciding that a facility badge would be a great way to get things rolling. I picked up the phone, called the main information number and asked for the office that makes up the badges. I was forwarded to the reception/security desk and, pretending to be the CIO, told the person on the other end of the line that he wanted a couple of subcontractors to get badges. The person told me to “send them down to the main lobby.”

A uniformed guard greeted us in the lobby and took us back to a room where they made up the badges. The guard asked us what we were working on, and we mentioned computers, so he asked us if we needed access to the computer room. Of course I said, “That would help.”

Within minutes my accomplice and I both had badges with access to all office areas and the Computer Operations Center. An hour later, we went to the basement and used my badge to open up the main computer room door. Everyone was in one room of the facility. Through a window we saw what appeared to be the server room and used my badge to walk right in. There was one monitor turned on and it appeared to be a Windows Primary Domain Controller (PDC). We brought up the user administration tool, added a new user to the domain, and made the user a member of the administrators group, then quickly left.

With in two hours we had full control of and access to the entire corporate network, for all practical purposes. As part of this test, we also used the badges to perform some after-hours walkthroughs of the building focusing on the executive suites. In doing this, we found the key to the CEO’s office and were able to plant a mock bug in there. Can you imagine the ramifications of that?

The Outcome
Nobody outside the team knew what we did until they were told. After they were informed, the guard supervisor called me and wanted the name of the guard who issued the badges. I told him that the fact that he didn’t know who did it was a problem in and of itself and refused to disclose this information. If he wanted it, he would have to contact the CIO.

Clearly, this focuses on one attack vector of the espionage simulation. There were weaknesses in the organization’s computers, as well as their overall physical security, providing multiple ways to compromise the same information. The compromised information could have resulted in tremendous loss of intellectual property, and in some cases, placed the corporate executives at great risk. Since the company’s line of business involves critical infrastructure components, the information could enable successful terrorist attacks.

How this Could Have Been Prevented
This espionage simulation highlighted how physical and technical vulnerabilities combine to cause great damage, and security programs must be holistic in response. The security desk should have been closer to the entrance, and there should have been a formal process for issuing badges. Access to special areas, like the computer room, should require approval from a known entity and once granted, a confirmation should have been sent to the approver. The password feature of the screensaver for the PDC should have been activated, the account should not have been logged on in the first place, and the addition of an administrator-level account should have been audited and alerted.

Ira Winkler CISSP, CISM is well known for his social engineering skills. More of his case studies appear in his books, Corporate Espionage and Spies Among Us.